OCLC's Commitment to Secure Library Services

Safeguarding your data while sharing your collections

OCLC understands that the confidentiality, integrity, and availability of our members' information are vital to their business operations and our own success. We use a multi-layered approach to protect key information by constantly monitoring and improving our applications, systems, and processes to meet the growing demands and challenges of dynamic security threats. In recognition of our security efforts, OCLC has met ISO 27001 security standards and has received registrations.

Information Security and Enterprise Risk Management

Implemented an Information Security Management System in accordance with ISO/IEC 27001:2013

Professional staff of certified information security and information technology professionals and a full-time dedicated specialist in Disaster Recovery

Physical and Environmental Controls

24-hour staffed security

Restricted access via proximity cards

Computing equipment in access-controlled areas

Video surveillance throughout facility and perimeter

Humidity and temperature control

Raised flooring to facilitate continuous air circulation

Underground utility power feed

Uninterruptible power systems (UPS)

Redundant power distribution units (PDUs)

Diesel generators with on-site diesel fuel storage

Smoke and fire detection sensors throughout the data centers

The Dublin Service Delivery Center (DSDC) is protected by a Halon system with sufficient reserves for multiple discharges

The Columbus Service Delivery Center (CSDC) is protected by a DuPont FM-200 fire suppression system

The data centers are also protected by wet-pipe sprinkler systems

There are fire extinguishers maintained throughout the DSDC and CSDC

Logical Access Controls

User identification and access management

Connections to patron data via TLS 1.1 and 1.2, using global step-up certificates from Thawte, ensuring that our users have a secure connection from their browsers to our service